const xss = require('xss');
const mysql = require('mysql');
const escape = mysql.escape;

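// Custom filter rules: the whitelist holds a single tag, <a>, with the
// attributes href, title and target. No other xss option is overridden here,
// so everything else is left to the library's defaults.
// Declared with `const`: the bare assignment `options = {...}` created an
// implicit global and throws a ReferenceError in strict mode or an ES module.
// NOTE(review): `target` is allowed but `rel` is not, so a kept link cannot
// carry rel="noopener noreferrer" - confirm that is acceptable wherever the
// filtered HTML is rendered.
const options = {
  whiteList: {
    a: ['href', 'title', 'target'],
  },
};
// One filter instance, built once at module load and reused by ensure().
const customXss = new xss.FilterXSS(options);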

/**
 * Run a value through the custom XSS filter, then pass the filtered text to
 * mysql.escape.
 *
 * `escape` here is the mysql.escape alias defined at the top of this file, not
 * the legacy global escape(). For a string it returns a quoted SQL literal, so
 * the result suits a SQL statement and is not meant to be written back into
 * HTML as-is.
 *
 * NOTE(review): the two steps guard different sinks - HTML filtering protects
 * rendering, SQL escaping protects the query. Filtering before storage ties
 * the stored data to this whitelist; the usual split is parameterised queries
 * (`?` placeholders in mysql) for the query and filtering/encoding at render
 * time - confirm what the callers intend.
 * NOTE(review): non-string input presumably reaches mysql.escape as a string
 * after process() - verify against callers that pass numbers or null.
 *
 * @param {*} param - Value to sanitise (presumably user-supplied).
 * @returns {string} Result of mysql.escape applied to the filtered value.
 */
function ensure(param) {
  const filteredHtml = customXss.process(param);
  return escape(filteredHtml);
}

// CommonJS export: ensure() is this module's only export.
module.exports = ensure;
